KLA10982
Privilege escalation vulnerability in Microsoft Exchange Server

Обновлено: 03/06/2020

Дата обнаружения	14/03/2017
Уровень угрозы	Warning
Описание	An improper handling of web requests was found in Microsoft Outlook Web Access. By exploiting this vulnerability malicious users can gain privileges. A successful exploit allows attackers to perform content/script injection attacks, make user disclose sensitive information. This vulnerability can be exploited remotely via a specially designed email containing a malicious link.
Пораженные продукты	Microsoft Exchange Server 2013 Service Pack 1 Microsoft Exchange Server 2013 Cumulative Update 14 Microsoft Exchange Server 2016 Cumulative Update 3
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	MS17-015 CVE-2017-0110
Оказываемое влияние ?	PE [?]
Связанные продукты	Microsoft Exchange Server
CVE-IDS	CVE-2017-01104.3Warning
Microsoft official advisories	Microsoft Security Update Guide
KB list	4012178
	Узнай статистику распространения уязвимостей в твоем регионе

KLA10982Privilege escalation vulnerability in Microsoft Exchange Server